
Europaisches Patentamt 
European Patent Office 
Office europeen des brevets 



(2) Publication number: 



0 585 833 A1 



EUROPEAN PATENT APPLICATION 



© Application number: 93113729.3 
_©_Date_of_filinfl: 27.08^93 



@ lnt.CI.5: H04N 7/167 



(g) Priority: 04.09.92 Fl 923980 


© Applicant: NOKIA TECHNOLOGY GmbH 
dstliche Karl-Friedrich-Strasse 132 


® Date of publication of application: 


D-75175 Pforzheim(Ub) 


09.03.94 Bulletin 94/10 


@ Inventor: Heikkinen, Ari 




@ Designated Contracting States: 


Metsakedonkatu 22 AS 6 


DE FR GB IT 


SF-24260 Salo(Fi) 




Inventor: Kangas, Mauri 




Sporentie 21 




SF-21530 Paimio(FI) 




Inventor: Raussi, Juha 




AJokatu 2 




SF-24280 Salo(FI) 




Inventor: Hiltunen, Reino 




Tukkikatu 2 A 




SF-24280 Salo(FI) 



@ Video signal decoder system. 



CO 
00 

IT) 
00 

m 



@ The invention relates to a video signal decoder 
system, in whicli the decoder (BASE) comprises 
decrypting means (2) which provide the decryption 
key and authorization data (14) to the picture gen- 
erating means (4), which generates a decrypted tele- 
vision picture based on the received key and au- 
thorization data (14). The system further comprises a 
smart card interface (3, 5), whereby a smart card 
(SC) can be connected to the decoder (BASE), the 
smart card containing encryption means (6). The 
decoder (BASE) can obtain key and authorization 
data (21) from the smart card (SC) when it is con- 
nected to the decoder, whereby the the decryption 
means (6) of the smart card supplies the key and 
authorization data (21) through the smart card Inter- 
face (3, 5) to the picture generating means (4) of the 
decoder (BASE). 
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The present invention relates to a video signal 
decoder system, in which the decoder comprises 
decrypting means which provide the decryption 
key and authorization data to the picture generating 
means, which generate a decrypted television pic- 
ture based on the received key and authorization 
data. 

For pay-television transmissions it is important 
to be able to encrypt the video signal well enough 
to prevent illegal viewing of pay-television transmis- 
sions. The decryption requires key and authoriza- 
tion data, and often the decoder does not nec- 
essarily know in which order the transmitted lines 
are (if the encryption uses line shuffling), whereby 
the decoder must obtain this key information from 
somewhere. In order to prevent illegal decryption 
the secret key and authorization data must be 
transmitted and kept in a secure way. 

The most usual implementation is that secret 
data, such as the decryption algorithm, are stored 
in the memory of the decoder, whereby it is able to 
decrypt the received signal. This is an optimal 
solution regarding the costs. The need for data 
transmission will be minimal when the decoder 
memory already contyains all data which must be 
kept secret. However, then the encryption system 
will be easy to examine, and if the decryption 
system is broken, then there are no means left to 
the system owner to protect himself against illegal 
viewing. 

A known way to store the decryption data is 
also to put the data on a smart card, from which 
the decoder obtains the required key and authori- 
zation data, whereby the decoder operates only 
when the smart card is inserted in its place. The 
smart card enables the production of equipment 
without an identity, and an easy replacement of the 
encryption system's critical data. However, a smart 
card is quite expensive and an infrastructure is 
required to supply and authorize the cards, and 
thus this causes unnecessary card shipment costs 
also for basic services. There is furthermore always 
a theoretical possibility to break the data transmis- 
sion code by examining the smart card interface. 

The object of the present invention is to pro- 
vide a flexible and secure video signal decoder 
system, which operates independently without a 
smart card, and which is flexible enabling extra 
facilities, such as the viewing of certain single pay- 
programs, and its encryption algorithm can be re- 
placed, when it is observed that somebody was 
able to brake the used encryption algorithm. This is 
possible by realizing a decoder system, in which 
the secret key and authorization, data at least in 
the beginning, are kept in the decoder memory, 
whereby a minimum data transmission need is 
obtained. The decoder moreover has a smart card 
interface, whereby the use of a smart card can be 



allowed when required. A smart card can be used 
as money or a prepaid card containing authoriza- 
tion and key data, e.g. to view extra pay-programs 
during a certain time. 

5 The system presented in the introduction of the 

application is characterized in that it further com- 
prises a smart card interface, whereby a smart 
card can be connected to the decoder, the smart 
card containing encryption means, and whereby 

10 the decoder can obtain key and authorization data 
from the smart card when it is connected to the 
decoder, whereby the decryption means of the 
smart card supplies the key and authorization data 
through the smart card interface to the picture 

75 generating means of the decoder. 

The invention enables partial use of the smart 
card, whereby the basic services can be sold ac- 
cording to the internal system of the decoder, and 
the smart card can be used in selling special 

20 services, whereby the costs caused by the smart 
card can be limited, compared to a system operat- 
ing entirely with a smart card, and the costs can be 
better directed to the paying target group. Because 
the decoder operates fully without a smart card, no 

25 smart card is required during the first phases of the 
decoder system's lifetime. When the services are 
extended, the smart card can be controllable used 
as needed, e.g. during sales campaigns and during 
certain program campaigns. The use of the smart 

30 card can also controllable be barred, so that if it 
seems that somebody has succeeded in breaking 
the encryption algorithm by examining the smart 
card interface, then the use of the smart card can 
easily be barred and still the basic services can be 

35 handled without the smart card. Correspondingly, if 
the protection of the basic system is broken, we 
can change the structure of the whole encryption 
algorithm and the encryption system and take into 
use a new smart card containing the key and 

40 authorization data of the new encryption algorithm 
and encryption system. 

The invention is described in detail below with 
reference to the enclosed figure, which as a block 
diagram shows an embodiment of the decoder 

45 according to the invention. 

The figure shows the base block BASE of the 
decoder and the contents of the smart card SC as 
welt as its connection to the decoder BASE. The 
use of the smart card SC is enabled by sending a 

50 control instruction through the control data 10, 
which can control the control logic 1 On/off-output 
17 on or off. In the basic operation the use of the 
smart card SC is barred, whereby the On/off-output 
17 of the control logic is off. and connecting the 

56 smart card to the decoder causes no activities. The 
smart card interface 3 of the base device directs 
the encrypted data 11 to the decryption circuit 2 of 
the base device, which then controls the sequence 
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generator 4 in accordance with the received data 

12 and authorization 12. If the decryption circuit 2 
is able to and may open the encrypted data 11, 12, 
then the decryption circuit 2 supplies status data 

13 to the control logic 1 and a decryption key 14 to 
the sequence generator 4, which according to the 
key generates a decrypted picture, generates for 
exannple the shuffled lines into the correct order. If 
the picture is encrypted by line shuffling, then the 
sequence generator continuously runs through the 

"^ictufe,""or~circulates'^the" shuffled iines-and-in-ac- 
cordance with the decryption key it extracts the 
lines to the decoder output in a correct order for 
the television set. 

l^the-use-of-^he-smapt-€ard-is-allowed-(or-the_ 



control logic's On/off-output 17 is in the on-state), 
then immediately after the control logic 1 receives 
the Change data 15 it supplies the data further to 
the decryption circuit 2 of the base device. The 
control logic 1 waits a predefined time for the 
status data 13, and when the status data 13 is set 
as an indication that the decryption circuit 2 is able 
to and allowed to decrypt the data 11. 12, then the 
selected data connection is kept. Thus the decryp- 
tion circuit 2 of the base device can be taken into 
use, and the services bought for the base device 
can be utilized. 

If the status data 13 is not set, this is an 
indication that the decryption circuit 2 is not able to 
or not allowed to decrypt the data 11. 12. and then 
the control logic 1 controls the encrypted data to 
the smart card SC by setting the status of the 
Card-output 18 of the control logic. The data trans- 
mission 16 between the smart card SC and the 
base device BASE is structured two-way traffic. 
The control of the data transmission 16 is divided 
between the smart card interface 3 of the base 
device and the smart card interface 5 of the smart 
card. The smart card interfaces 3, 5 control the 
encrypted data 11, 19 to the decryption circuit 6 of 
the smart card SC, whereby the decryption circuit 
returns the decryption keys 20 to the base device 
BASE. If the decryption circuit 6 is able to and 
allowed to decrypt the encrypted data 11, 19, then 
the sequence generator 4 obtains, appropriate to 
the situation, the correct key 21 through the smart 
card interfaces 3, 5. 

In order for the base device to be able to 
decrypt data 1 1 , the base device decryption circuit 
2 and the smart card decryption circuit 6 must use 
the same algorithm, if somebody breaks the al- 
gorithm of the base device, the smart card SC can 
use a new algorithm, unknown to the base device, 
whereby the decryption circuit 2 of the base device 
never can decrypt the encrypted data 11, but the 
decryption can be done only by the smart card SC. 

In the system according to the present inven- 
tion it is possible to utilize the smart card in several 



different ways, and it is possible to freely choose 
the way it is used independently of the base device 
operation. Thus the smart card can be used in 
several different ways to enable the viewing of a 
pay-program for a certain time, whereby it is usu- 
ally prepaid. The communication between the 
smart card and the base device must be specified, 
but this specification does not bind to make any 
such basic choices, on the basis of which it would 
be possible to illegally unravel the encryption by 

examining-the-smart-card-interface. J"hus oneJimir . 

tation of the system is that it must operate accord- 
ing to a defined communication method, which 
however does not limit the functions implemented 
-75 by_the^smart caxd.. 
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Claims 



A video signal decoder system, in which the 
decoder (BASE) comprises decrypting means 
(2) which provide the decryption key .and au- 
thorization data (14) to the picture generating 
means (4), which generates a decrypted televi- 
sion picture based on the received key and 
authorization data (14). characterized in that it 
further comprises a smart card interface (3, 5), 
whereby a smart card (SC) can be connected 
to the decoder (BASE), the smart card contain- 
ing encryption means (6), and whereby the 
decoder (BASE) can obtain key and authoriza- 
tion data (21) from the smart card (SC) when it 
is connected to the decoder, whereby the the 
decryption means (6) of the smart card sup- 
plies the key and authorization data (21) 
through the smart card interface (3, 5) to the 
picture generating means (4) of the decoder 
(BASE). 

System according to claim 1, characterized 
in that it comprises a control logic (1), which 
on the basis of its control data input (10) either 
allows or bars the use of the smart card by 
supplying as its On/off-output (17) to the smart 
card interface (3) an instruction to go on or off, 
respectively. 

System according to claim 1, characterized 
in that the encrypted data (11) is supplied to 
the decoder's smart card interface (3), from 
where the data is supplied to the decoder's 
decryption means (2), and 

- if the decryption means (2) supplies to 
the control logic (1) an indication that it is 
able to decrypt, then the data connection 
is kept and the decoder's decryption 
means (2) supply to the picture generat- 
ing means (4) the required key and au- 
thorization data (14), 
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- . otherwise the encrypted data (11) is sup- 
plied through the smart card interface (3, 
5) to the smart card's decryption means 
(6), which supplies the required key and 
authorization data (21) to the picture gen- 5 
erating means (4). 



10 



15 



20 



25 



30 



35 



40 



45 



50 



55 



4 



i 



EP 0 585 833 A1 



15xJ 



CHANGE 



CONTROL DATA 



10 



y 



ON/0 



± 



1 

CONTROL 
LOGIC 



ENCRYPTED DATA 




-17 
18 



CARD 



13 

STATUS \ 



12 



SMART CARD 
INTERFACE 



1 



DECRYPTION 
CIRCUIT 



DATA 



KEYS 



'16 



SEaUENCE 
GENERATOR 



SMART CARD 
INTERFACE 



DATA 
7 



6 



20 



KEYS 



DECRYPTION 
CIRCUIT 



z 



BASE 



•SC 



5 



European Patent 
Office 



EUROPEAN SEARCH REPORT 



AppUcattofi NumlMr 

EP 93 11 3729 



DOCUMENTS CONSIDERED TO BE RELEVANT 



CaCesory 



Citodon of document with indication, where appropriatea 
of reievant pa 



Relevant 
to daim 



CLASSIFICATION OF THE 
APPUCAT10N Oat. CLS ) 



EP-A-O 506 435 (SCIENTIFIC-ATLANTA, INC.) 

* page 8, line 41 - page 10, line 44; 
figures 7,8 * 

US-A-5 029 207 (KEITH B. GAMMIE) 

* column 10, line 11 - column 12, line 6; 
figures 4-9 * 

EP-A-O 471 373 (GENERAL INSTRUMENT 
CORPORATION) 

* column 5, line 5 - column 9, line 15; 
figure 1 * 



1-3 



1-3 



1-3 



H04N7/167 



The prcscat searcli report has been drawn up for ail 



TECHNICAL FIELDS 
SEARCHED (Int. CLS ) 



H04N 



Plata of 

BERLIN 



DMaaf c— gliHaaaf ttaaa«th 

24 NOVEMBER 1993 



DUDLEY C, 



CATEGORY OF CITED DOCUMENTS 

X : particnlariy rdflvant if taken aloM 

Y : pirdcnlariy rdevaot if combined wftli another 

document of the same categofy 
A : tediBologlcal backgroond 
O : noo-inrttten disdosare 
P : intcfnedlate document 



T : theory or prtndple underlying the invantioB 
E : eaitier patsit document, but pubUstked on, or 

tftv the filing date 
D : document dted In the appUcatton 
L : docamant dted for other reasoas 

* : racnber of the same patent ftmliy, comspondhftg 
doauseat 



